Payment Card Industry (PCI) Security Solutions

Meet PCI DSS requirements

Next Steps:

Overview

Due to the growing problem of credit card fraud and identity theft, the five major credit card companies (American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa) united to support a new independent body, known as the Payment Card Industry Security Standards Council (PCI SSC), to strengthen security controls among their members.f

Together they developed the Payment Card Industry Data Security Standard (PCfI DSS), and agreed to incorporate the PCI DSS as the technical requirements for each of their data security compliance programs.

Key Benefits

There are various McAfee Strategic Security Services programs that help organizations meet Payment Card Industry Data Security Standard (PCI DSS) compliance requirements. McAfee Strategic Security Services expertise can help your organization:

  • Find security holes in applications before hackers can exploit the vulnerabilities.
  • Understand the concepts of building secure software.
  • Evaluate the security of critical servers by analyzing the operating system and application-level security issues.
  • Get guidance in building an Incident Response (IR) Program.
  • Assess the security architecture and evaluate the current design structure of various security control mechanisms in place to determine their effectiveness.
  • Identify and test potential points of attack, focusing on areas where a compromise would have the greatest impact and risk to the business.
  • Maintain a solid security posture over time.
  • Evaluate payment processing applications and products to meet the PCI requirements of protecting cardholder data in transmission and at rest.
  • Measure the maturity of your application security efforts and determine next steps.
  • Build a cost-effective information security management organization.
  • Ensure corporate-wide employee security education.
  • Protect wireless networks. Identifying all wireless network access points and pinpointing weaknesses can assess the overall exposure of the company to wireless network attacks.

Methodology

McAfee Strategic Security Services offers various programs to help organizations become compliant with Payment Card Industry Data Security Standard (PCI DSS) requirements, including staff augmentation, PCI quarterly scans, source code review, and application and network assessments. As a Qualified Security Assessor (QSA), Approved Scanning Vendor (ASV), and Payment Application Data Security Standard (PA-DSS) QSA, McAfee Strategic Security Services can help your organization become PCI compliant.

Related Services

The following are services related to PCI compliance. Download the Solution Matrix for details on the specific requirements satisfied by each service.

Application Penetration Assessment

Discover your applications' vulnerabilities before hackers can exploit the weaknesses.

Building Secure Software

Eliminate potential security flaws early in the software development lifecycle by understanding the processes for secure software design, development, and deployment.

Host Security Configuration Assessment

Protect critical servers. McAfee Strategic Security Services evaluates the security of servers, verifying defenses for operating systems and devices, and identifying vulnerabilities that cannot be detected through network assessments.

Incident Response Partner Program

Handle your toughest security issues before they occur. Lock in incident response and forensic services at a discounted rate to ensure quick, cost-effective remediation.

JumpStart Source Code Security Assessment

Improve the security of your application. McAfee Strategic Security Services' targeted assessment reveals architectural flaws, systemic issues, and major sources of application vulnerabilities, while providing recommendations for mitigating risks.

Network Architecture Assessment

Improve your security foundation. McAfee Strategic Security Services evaluates the security of your network architecture to identify all vulnerabilities and keep intruders away from critical assets.

Policies & Process Development

Define enterprise-wide security policies and build processes to bridge the gap between security policies and technologies. McAfee Strategic Security Services creates and implements effective security processes so your company maintains a solid security posture.

Vulnerability Management Program Development

Manage network vulnerabilities. McAfee Strategic Security Services develops a network vulnerability management lifecycle to ensure new security weaknesses are quickly discovered and mitigated.

Web Application Penetration Assessment

Improve the security of your web applications. McAfee Strategic Security Services identifies holes in production websites before the hackers can exploit vulnerabilities, quantifies the risks to your business, and provides mitigation recommendations.

Wireless Network Security Assessment

Boost wireless network security. McAfee Strategic Security Services evaluates access points, seeks out weak security controls and rogue devices, and implements security policies that minimize wireless risks.

Writing Secure Code: ASP.NET (C#)

Build secure and reliable web applications using ASP.NET in this hands-on course. Understand the key security features of the .NET platform and how to avoid vulnerabilities.

Writing Secure Code: Java (J2EE)

Build secure and reliable web applications using Java by understanding the key security features of the J2EE platform and common web security pitfalls.